Tuesday, June 11, 2013

Spy vs Spy in the cyber age

Despite very public pressure, US President Barack Obama and his Chinese counterpart, Xi Jinping, failed to reach an agreement on combating cyber-espionage at their weekend meeting in California. Beijing and Washington are trading increasingly harsh accusations of launching state-sanctioned cyber attacks. Meanwhile, a covert program of Internet data mining by US intelligence agencies has been revealed by a young whistleblower, who has taken refuge in China's Special Administrative Region of Hong Kong.

China and the United States are contesting a vast and uncharted arena of superpower rivalry. The cyber war has already begun.

Obama and Xi left their summit in Palm Springs with a series of important agreements, covering such pressing issues as the North Korean nuclear weapons program and global warming. However, Obama's efforts to persuade Xi to work out an agreement on cyber-espionage were entirely unsuccessful.

To avoid electronic eavesdropping, Xi and his delegation decided at the last minute to stay in a downtown hotel away from the summit's grounds. If he wants to prevent American intelligence from accessing his personal communications, Xi would be wise to avoid Facebook and Gmail.

In recent weeks, Washington and Beijing have very publicly exchanged allegations of cyber malfeasance. Before the Palm Springs summit, a White House official stressed, "Governments are responsible for cyber attacks that take place from within their borders. As a part of our interests in protecting US businesses, we will raise with China any concerns we have about intrusions we believe emanate from China." [1]

The Chinese government responded with counter-accusations of American cyber attacks directed against China. A report in People's Daily claimed that in the first five months of 2013, more than 4,000 US-based control servers "hijacked" 2.91 million mainframes in China. Huang Chengqing, the director of the Chinese National Computer Network Emergency Response Technical Team, declared "We have mountains of data, if we wanted to accuse the US, but it's not helpful in solving the problem. The importance of handling Internet security cases keeps rising, but the issue can only be settled through communication, not confrontation." [2]

Meanwhile, reports of a vast operation by American intelligence to collect information from the world's leading Internet firms have overshadowed the extensive cyber-espionage and raids carried out between the US and China.

The PRISM program is a mechanism for direct US government access to the data of Google, Microsoft, Yahoo, Facebook, AOL, Apple, and Paltalk. It allows US intelligence to view emails, search queries, online chats, photos, and video calls hosted by the major platforms for online communications - everything from Gmail and Hotmail to YouTube and Skype. According to classified documents, the NSA collected nearly 3 billion pieces of electronic information from US computer servers in the period of just one month. [3]

According to the source of the intelligence leak, "The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting." [4]

Director of National Intelligence James Clapper released a fact sheet meant to justify the once-secret program, claiming PRISM "facilitates the targeted acquisition of foreign intelligence information concerning foreign targets located outside the United States under court oversight". For the program to collect data, it must have "an appropriate, and documented, foreign intelligence purpose" and target a person "reasonably believed to be outside the United States". [5]

In other words, any potentially useful electronic communications of any human being outside the United States are fair game. According to the Foreign Intelligence Surveillance Act, the president of the United States has the authority to target foreign communications without a court order for the period of one year. No wonder the NSA can collect three billion pieces of data in a month.

China's blocking of major social networking, news, and political websites - the so-called "Great Firewall of China" - has long been the target of Western, and particularly American, condemnation. In a 2010 speech, then secretary of state Hillary Clinton warned that a "new information curtain is descending across much of the world... In the last year, we've seen a spike in threats to the free flow of information. China, Tunisia and Uzbekistan have stepped up their censorship of the Internet." [6]

The most popular US-based websites blocked by the Chinese government are Facebook and YouTube. Google search and Gmail, while not entirely jammed, are frequently disrupted by China's Great Firewall.

It seems that Clinton's much-championed "free flow of information" includes an unquenchable flood of personal data into the NSA's massive information farms. By blocking Facebook and YouTube, Beijing has inadvertently protected the private information of Chinese citizens (at least from Washington), and denied the US government billions of pieces of potentially useful data about the Chinese economy, military, and government.

Roughly 700 million Chinese people are active on the Internet, out of a worldwide total of 2.4 billion Internet users. In other words, fully 29% of all Internet users live in China. Savvy Chinese netizens can easily find means to get beyond the Great Firewall. However, the inconvenience of these methods, and the availability of domestic Chinese alternatives, have greatly restricted the penetration of Facebook and YouTube into the Chinese market.

The PRISM program has provided Beijing with a golden justification for continuing to restrict access to certain websites. Washington's calls for freedom of information are more likely to be viewed in a hypocritical light in the wake of the PRISM program's public outing.

A refuge in the Middle Kingdom?

The electronic rivalry between Washington and Beijing is becoming yet more intense, as the whistleblower who exposed the PRISM program takes refuge in Hong Kong.

Edward Snowden, a former CIA employee, chose Hong Kong as his port of call before leaking the classified documents. When going public about his own identity, he cited the city's "reputation for freedom", while in the same breath saying this distinction comes "in spite of the People's Republic of China". [7] Snowden has cited Iceland as a possible long-term destination for asylum.

However, a former CIA employee, no matter how ideologically committed to the cause of freedom, is unlikely to be naive. The recent history of "extraordinary rendition" of terror suspects from America's democratic Western allies probably factored into Snowden's decision to go East.

Choosing Hong Kong may serve a dual purpose - Snowden hopes to take advantage of both the autonomous city's open judicial process and the implied protection of China's clandestine security forces.

In the light of intelligence officials joking about "disappearing" Snowden and a reporter covering the PRISM story [8], Snowden might reasonably choose to trust Beijing over Reykjavik for his personal protection. While it may seem ironic for an American champion of open information to take refuge in China, politics makes for strange bedfellows.

Former CIA official Robert Baer has even gone so far as to say the entire leak of PRISM was orchestrated by Beijing: "On the face of it, it looks like it's under some sort of Chinese control. ... You have to ask what's going on? I mean, China is not a friendly country, and every aspect of that country is controlled." [9] Baer cited both Snowden's port of call and the timing of the leak - coming on the same days as the Obama-Xi summit - as being particularly suspicious.

If indeed Snowden has defected to Beijing, this would represent a huge coup for China in the emerging realm of cyber rivalry. Already the PRISM program has helped to justify China's Internet censorship and expose a large degree of official hypocrisy on the part of the American government.

The most dangerous aspect of cyber espionage remains its unpredictable nature. There are no clear rules of engagement differentiating between routine intelligence gathering and outright aggression. Both Beijing and Washington have a clear interest in defining red lines to prevent uncontrollable escalation.

However, this very necessary discussion is probably best conducted in secret. Washington's vocal denunciations of Beijing's aggressive cyber activities have served little purpose other than angering Beijing, exposing American hypocrisy abroad, and justifying increased domestic control and surveillance over the Internet by the American government.

The cyber war is already here. America's PRISM and China's Great Firewall may be signs of what is to come in a developing electronic arms race.